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Attorney's Docket No. INF-Q09 PATENT APPLICATION 

IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 

Box Patent Application 

Assistant Commissioner for Patents 

Washington, D.C. 20231 

NEW APPLICATION TRANSMITTAL 

Transmitted herewith for filing is the patent application of 
lnventor(s): Steven T. Kirsch 

WARNING: Patent must be appiied for in the nanie($) ofaJiofthe actual inventorts). 37 CFR 1.41(a) and 1.53(b), 
For (title): DOCUMENT RETRIEVAL SYSTEM WITH ACCESS CONTROL 



CERTIFICATION UNDER 37 CFR 1.10 



I hereby certify that this New Application Transmittal and the documents referred to as etgjiosed therein are being 

deposited wrth the United States Postal Service on this date Septonaber 10 ^ 1997 ^ an envelope 

as "Express Mail Post Office to Addressee" Mailing Label Number EM097355446US , addressed 

to the: Assistant Commissioner for Patents, Washington, D.C. 20231 . 

Larry Santos 



(type or print name of person ma/ling paper) 



jre of aerjon \ 



signature of i^ei^n mailing paper 

NOTE: Each paper or fee referred to as enclosed herein has the number of the "Express Mail" mailing label placed 
thereon prior to mailing. 37 CFR 1.10(b). 

WABNINQ: Certificate of mailing (first class) or facsinvie transmission procedures of 37 OIrR 1.B cannot be used 
to obtain a date of mailing or transmission for this con^espondence. 
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1. Type of Application 

This new application is for a(n) 

(check one applicable item below) 

Kl Original (nonprovisional) 

□ Design 
□ Plant 

WARNING: Do not use this transmittal foe a completion in the U.S. of an International Application under 35 
U.S.C. 371(cX4), unless the }ntemationai Application is being filed as a divisionai, continuation or 
continuation-in-part application. 

WABNINQ: Do not use this transmittal for the filing of a provisional application, 

NOTE' Hone of the following 3 items apply, then complete and attach ADDED PAGES FOR NEW APPLICATION 
TRANSMITTAL WHERE BENEFIT OF A PRIOR U.S. APPLICATION CLAIMED and a NOTIFICATION 
IN PARENT APPUCAVON OF THE FILING OF THIS CONTINUATION APPUCATION. 

□ Divisional. 

□ Continuation. 

□ Continuation-in-part (C-l-P). 

2. Benefit of Prior U.S. Application(s) (35 U.S.C. 119(e), 120, or 121) 

NOTE: ff the new application being transmitted is a divisional, continuation or a continuation-in-part of a parent 
case, or where the parent case is an International Application which designated the U.S., or benefit 
of a prior provisional application is claimed, then check the following item and complete and attach 
ADDED PAGES FOR NEW APPUCAVON TRANSMmAL WHERE BENEFfT OF PRIOR U.S. APPUCA- 
VON(S) CLAIMED. 

WARNINa- If an application claims the benefit of the filing date of an earlier filed application under 35 U.S.C. 

' 120, 121 or 3S5(c), the 20-yeaf term of that application will be based upon the filing date of the 
earliest U.S. application that the application makes reference to under 35 U.S.C. 120, 121 or 365(c), 
(35 U.S.C. 154(a)(2) does not take into account, for the determination of the patent term, any 
application on which priority is claimed under 35 U.S.C. 119, 365(a) or 365(b).) For a c-f-p 
application, applicant should review whether any daim in the patent that will issue is supported 
by an earlier application and, if not, the applicant should consider canceling the reference to the 
earlier filed application. The term of a patent is not based on a claim-by-claim approach. See Notice 
of April 14, 1995, 60 Fed. Reg. 20,195, at 20,205. 

WARNING: When the last day of pendency of a pn^visionai application fails on a SatunJay, Sunday, or Federal 
holiday within the District of Columbia, any nonprovisional application claiming benefit of the 
provisional application must be filed prior to the Saturday, Sunday, or Federal holiday within the 
District of Columbia. See 37 C.F.R. § 1JB(a)(3). 

□ The new application being transmitted claims the benefit of prior U.S. applica- 
tion(s) and enclosed are ADDED PAGES FOR NEW APPLICATION TRANSMIT- 
TAL WHERE BENEFIT OF PRIOR U.S. APPL!CATION(S) CLMMED. 

3. Papers Enclosed That Are Required for Filing Date under 37 CFR 1.53(b) 
(Regular) or 37 CFR 1.153 (Design) Application 

9 Pages of specification 

4 Pages of claims 

^ Pages of Abstract 

^ Sheets of drawing 

H formal 

□ infonmal 
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WARNING: DO NOT submit ongmai drawings, A high quality copy of the drawings should be supplied when 
filing a patent application. The drawings that are submitted to the Offtce must be on strong, white, 
smooth, and non-shtny paper and meet the standards according to § 1.84, If conrectk>ns to the 
drawings are necessary, they should be made to the original drawing and a high-quality copy of 
the corrected original drawing then submitted to the Office. Only one copy is required or desired. 
Comments on proposed new 37 CFR 1.84, Notice of March 9, 1988 (1990 O.G. 57-62). 
NOTE' "Identifying indicia, if provided, should include the application number or the title of the invention, 
inventor's name, docket number Of any), and the name and telephone number of a person to call if 
the Offtce is unable to match the drawings to the proper application. This information should be placed 
on the back of each sheet of drawing a minimum distance of 1,5 cm. (5/8 inch) down from the top 
of the pager 37 C.F.R. 1,&4(c)). 

(complete the following. If applicable) 

□ The enclosed drawing(s) are photograph(s), and there is also attached a 
"PETITION TO ACCEPT PHOTOGRAPH{S) AS DRAW1NG{S)." 37 C.F.R. 1.84(b). 

i. Additional papers enclosed 

□ Preiiminary Amendnnent 

S information Disclosure Statement (37 CFR 1.98) 
IS Form PTO-1449 

□ Citations 

□ Declaration of Biological Deposit 

□ Submission of "Sequence Usting/ computer readable copy and/or amendment 
pertaining thereto for biotechnology invention containing nucleotide and/or 
amino acid sequence. 

□ Authorization of Attomey(s) to Accept and Follow Instmctions from Representa- 
tive 

□ Special Comments 

□ Other 

5. Declaration or oath 

1x1 Enclosed 
Executed by 

(check all applicable boxes) 

^ inventor(s). 

□ legal representative of inventor(s). 
37 CFR 1.42 or 1.43. 

□ joint inventor or person showing a proprietary 
interest on behalf of inventor who refused to sign 
or cannot be reached. 

□ This is the petition required by 37 CFR 1 .47 and the statement 
required by 37 CFR 1.47 is also attached. See item 13 below for 
fee. 

□ Not Enclosed. 

WARNING: Where the fiUng is a completion in the U.S. of an International Application, but where a declaration 
is not available, or where the comptetion of the US, application contains subject matter m addition 
to the International Application, the application may be treated as a continuation or contnuation-tn- 
part as the case maybe, utilizing ADDED PAGE FOR NEW APPLICATION TRANSMfTTAL WHERE 
BENEFff OF PRIOR U.S. APPUCATION CLAIMED. 

(Application TransmittaJ [4-1] — page 3 of 9) 



□ Application is made by a person authorized under 37 CFR 1.41(c) on behalf 
of all the above named inventor(s), 

(The declaration or oath, along with the surcharge required by 37 CFR 1. 16(e) 

can be filed sut^quently). 

NOTE: n is important that alt the correct inventor(s) are named for filing under 37 CFR 1,41 (c) and 1.S3(b). 

□ Showing that the filing is authorized. 

(not required unless called into question. 37 CFR 1,41 (d)) 

6. Inventorship Statement 

WABNINQ: tf the reamed inventors are each not the inventors of att the cfaims an expianation, inciuding the 
ownership of the various ciaims at the time the last claimed invention was made, should be 
submitted. 

The inventorship for all the ciaims in this application are: 
H The same. 

or 

□ Not the same. An explanation, including the ownership of the various claims at 
the time the last claimed invention was made, 

□ is submitted. 

□ will be submitted. 

7. Language 

NOTE: An application including a signed oath or declaratjon may be filed in a language other than English. 
A verified English translation of the r}on-English language application and the f>rocessir}g fee of $130.00 
required by 37 CFR 1,17(k) is required to be fifed with the application, or within such time as may be 
set by the Office, 37 CFR 1,52(d), 

NOTE: A non-Er^glish oath or declaration in the form provided or approved by the PTO need ryot be translated. 
37 CFR 1,69(b). 

El English 

□ Non-English 

□ The attached translation is a verified translation. 37 CFR 1.52(d). 

8. Assignment 

□ An assignment of the invention to 



□ is attached. A separate □ "COVER SHEET FOR ASSIGNMENT (DOCU- 
MENT^ ACCOMPANYING NEW PATENT APPLICATION" or □ FORM PTO 
1595 is also attached. 

□ will follow. 

NOTE: "If an assignment is submitted with a new application, send two separate letters-one for the application 
and one for the assignment" Notice of May 4, 1990 (1114 O.G. 77-76). 

WAT^NING: A newly executed "CERTIFICATE UNDER 3 7 CFR 3. 73(b)' must be filed when a continuat'on-in-part 
application is filed by an assigrwe. Notice of April 30, 1993, 1150 O.G. 62-64. 
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9, Certified Copy 

Certified copyfies) of appncation(s) 



country 


appln. 


no. 


filed 


country 


appln. 


no. 


filed 


country 


appln. 


no. 


filed 



from which priority is claimed 



□ is (are) attached. 

□ will follow. 

NOTE: The for&gn application forming the basis for the claim for priority must be referred to in the oath or 
dectaratjon. 37 CFR 1.55(a) and 1.63. 

NOTE: This item is for any foreign priority for which the application being filed directly relates. If any parent 
U.S. application or International Application from which this application claims benefit under 35 U.S.C, 
120 is itseff en&ied to priority from a prior foreign application, then complete item 18 on the ADDED 
PAGES FOR NEW APPUCATION TRANSMfTTAL WHERE BENEFIT OF PRIOR U.S. APPUCATION(S) 
CLAIMED. 

10. Fee Calculation (37 CFR 1.16) 

A. a Regular application 



CLAIMS AS FILED 


Number filed 


Number Extra 


Rate 


Basic Fee 
37 CFR 1.16(a) 
$770-00 


Total 

Claims (37 CFR 1.16(c))l9 - 20 


= 0 X 


$ 22.00 




Independent 

Claims (37 CFR 1.16(b)) 3 - 3 


= 0 X 


$ 80.00 




Multiple dependent claim(s). 
if any (37 CFR 1.16(d)) 


+ 


260.00 





□ Amendment cancelling extra claims enclosed. 

□ Amendment deletir g multiple-dependencies enclosed. 

□ Fee for extra claims is not being paid at this time. 

NOTE: If the fees for extra claims are not paid on filing they must be paid or the claims cancelled by amendment, 
prior to the expiration of the time period set for response by the Patent and Trademark Office in any 
notice of fee deficiency 37 CFR 1.ie(d). 

Filing Fee Calculation $ ^^^-^^ 
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B. □ Design application 

($310.00—37 CFR 1.16(f)) 

Filing Fee Calculation $ 

C. □ Plant application 

($510,00-37 CFR 1.16(g)) 

Filing fee calculation $ 

11. Small Entity Statement(s) 

S Verified Statennent(s) that this is a filing by a small entity under 37 CFR 1 .9 and 
1 .27 is (are) attached. 

WMNINQ: 'Status as a smalt entity in one application or patent does not affect any other application or patent, 
including applications or patents which are directly or indirectly dependent upon the application 
or patent in which the status has been established. A nonprovisiormi application claiming benefit 
under 35 U.S.C. 1 19(e). 120, 121 or 365(c) of a prior application may rely on a verged statement 
filed in the prior application if the nonprovisional application includes a reference to a verified 
statement in the prior application or includes a copy of the verified statement filed in the prior 
application if status as a small entity is still proper and desired." 37 CF.R § 1.28(a). 

(complete the following, if applicable) 

□ Status as a small entity was claimed in prior application 

/ , filed on from which benefit 

is being claimed for this application under. 

35 U.S.C. □ 119(e), 

□ 120, 

□ 121, 

□ 365(c), 

and which status as a small entity is still proper and desired. 
□ A copy of the verified statement in the prior application is included. 
Filing Fee Calculation (50% of A, B or C above) $- 3 85 .00 



NOTE: Any excess of the full fee paid will be refunded if a venfied statenwnt and a refund request are filed 
within 2 months of the date of timely payment of a full fee. The two-month period is not extendable 
under § 1.136. 37 CFR 1.28(a). 

12. Request for International-Type Search (37 CFR 1.104(d)) 

(complete, if applicable) 

□ Please prepare an international-type search report for this application at the time 
when national examination on the merits takes place. 
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13. Fee Payment Being Made at This Time 
□ Not Enclosed 

□ No filing fee is to be paid at this time. 

ffhis and the surcharge required by 37 CFR 1,1 6(e) can be paid subse- 
quently.) 
(El Enclosed 

r-.r,-rr* <t385.00 

SI Basic filing fee ^ 

□ Recording assignment 
($40.00; 37 CFR 1.21(h)) 

(See attached "COVER SHEET FOR 
ASSIGNMENT ACCOMPANYING NEW 

APPLICATION",) $ 

□ Petition fee for filing by other than all the 
inventors or person on behalf of the Inventor 
where inventor refused to sign or cannot be 
reached. 

($130.00; 37 CFR 1.47 and 1.17(h)) $ 

□ For processing an application with a 
specification in 

a non-English language. ($130.00; 37 CFR 

1.52(d) and i:i7(k)) $ 

□ Processing and retention fee 

($130.00; 37 CFR 1.53(d) and 1.21(1)) $ 

□ Pee for intemational-type search report 
($40.00; 37 CFR 1.21(e)) $ 



NOTE; 37 CFR 1.21(1) establishes a fee for prcx:essing and retaining any application that is abandoned for failing 
to complete the application pursuant to 37 CFR 1.53(d) and this, as welt as the changes to 37 CFR 
T.53 and 1.78, indicate that in order to obtain the benefit of a prior US. application, either the basic 
filing fee must be paid, or the processing and retention fee of§ 1.21(1) must be paid, within 1 year from 
notification under § 53(d). 

^ . , * I M <t 385.00 
Total fees enclosed 

14. Method of Payment of Fees 

El Check in the amount of $ 385.00 

□ Charge Account No — in the amount of $ 

A duplicate of this transmittal is attached. 

NOTE.' Fees should te itemized in such a manner that it is dear for which purpose the fees are paid. 37 CFR 
1.22(b). 
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15, AuthorlMtlon to Charge Additional Fees 

WARNINO: tf no fees are to be paid on filing, the foUowing items shoufd not be completed, 
WARNING: Accuratefy count daJms, especially muttipie dependent cte/ms, to avoid unexpected high charges, 
if extra claim charges are authorized. 

H The Commissioner is hereby authorized to charge the following additional fees 
by this paper and during the entire pendency of this application to Account No. 
19-0590 ; 

El 37 CFR 1.16(a), (f) or (g) (filing fees) 
EI 37 CFR 1.16(b). (c) and (d) (presentation of extra claims) 
A/OTH: Because additional fees for excess or multiple dependent ctainjs not paid on filing or on later presentation 
must only be pa/d or these claims cancelled by amendment prior to the expiration of the time period 
set for response by the FTO in any notice of fee cfeficiency (37 CFR 1.16(d)), it might be best not to 
authorize the PTO to charge additional claim fees, except possit>ly when dealing with amendments after 
final action. 

□ 37 CFR 1.16(e) (surcharge for filing the basic filing fee and/or declaration 
on a date later than the filing date of the application) 

□ 37 CFR 1.17 (application processing fees) 

WARNING: White 37 CFR 1. 1 7(a), (b), (c) and (d) deal with extensions of time under § 1 136(a). this authorization 
should be made only with the knowledge that 'Submission of the appn>priate extension fee under 
37 C.F.R. t. 136(a) is to no avail unless a request or petition for extension is filed. " (Emphasis added). 
Notice of November 5, 1985 (1060 O.G. 27). 

□ 37 CFR 1.18 Ossue fee at or before mailing of Notice of Allowance, pursuant 
to 37 CFR 1.311(b)) 

NOTE Where an authorization to charge the issue fee to a deposit account has been filed before the mailing 
ofaNo^ of Allowance, the issue fee will be automaticaJfy charged to the deposit account at the time 
of maiUng the notice of allowance. 37 CFR 1.311(b). 

NOTE: 37 CFR 1.28(b) requires 'Notification of any change in loss of entitSement to smalt entity status must 
be filed in the application . . . prior to paying, or at the time of paying, . . . issue fee,' From the wording 
of 37 CFR 1.28(b): (si notification of change of status must be made even if the fee is paid as 'other 
than a sm^l entit/' and (b) no notification is required if the change is to another smalt entity. 

16. Instructions as to Overpaynwnt 

H Credit Account No. 19-0590 

□ Refund 



Reg, No. 24, 518 




SIGNATURE OF ATTORNEY 




{type or print name of attorr)ey) 

Tel. No. { 408 ) 297-9733 p.Q. Box 2-E 



P.O. Address 

San Jose, CA 95109-0005 



(Application Transmittal [4-1] — page 8 of 9) 



□ Incorporation by reference of added pages 

(check the following item if the application in this transmittal claims the 
benefit of prior U.S. application(s) (including an international application 
entering the U,S. stage as a continuation, divisional or C-l-P application) and 
complete and attach the ADDED PAGES FOR NEW APPUCATION TRANS- 
MITTAL WHERE BENEFIT OF PRIOR U.S. APPLICATION(S) CLAIMED) 

Pius Added Pages for New Application Transmittal Where Benefit of Prior U.S. 
Application(s) Claimed 

Number of pages added™ 

Plus Added Pages for Papers Referred to in Item 4 Above 

Number of pages added 

Plus **Assignment Cover Letter Accompanying New Application" 

Number of pages added— 

m Statement Where No Further Pages Added 

(if no further pages form a part of this Transmittal, then end this Transmittal 
with this page and check the following item.) 

S This transmittal ends with this page. 



□ 

□ 

□ 
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Please type a plus stgn (+) msjcJe this box — > [ -t- [ 



PT0/S8A)1 (8-96) 
Approved for use through 9/30/96 OMB 0651-0032 
Patent and Trademark Office; U S DEPARTMENT OF COMMERCE 







INF-009 ^ 


DECLARATION FOR 


First Named Inventor 


Steven T. Kirsch 


UTILITY OR DESIGN 
PATENT APPLICATION 


COMPLETE IF KNOWN 


Application Number 




Filing Date 




irri Declaration OR pi Deciaration 


Group Art Unit 




' Submitted Submitted after 
with Initial Filing Initial Filing 


Examiner Name 


J 



As a below named Inventor, I hereby declare that: 

My residence, post office address, and citizenship are as stated below next to my name 

I believe I am the original, first and sole inventor (rf only one name is listed below) or an onginal, first and joint inventor (if plural names are listed 
below) of the subject matter which is claimed and for which a patent is sought on the invention entitled : 



DOCXMENT RETRIEVM. SYSTEM WITH AOZESS CCMTROL 



the specification of which 

is attached hereto 
OR 

I [ was filed on {MM/DD/YYYY) 



(Title of the Invention) 



as United States Application Number or PCT International 



Application Number 



and was amended on (MM/DD/YYYY) 



(if applicable). 



1 hereby state that I have reviewed and understand the contents of the above identified specification, including the claims, as amended by any 
amendment specifically referred to above 



I acknowledge the duty to disclose information whicb is material to patentability as defined in Title 37 Code of Federal Regulations, § 1 .56. 



t hereby claim foreign priority benefits under Title 35. Unrted Stales Code §119 {a)-(d) or § 365(b) of any foreign applicat(on(s) for patent or inventor's 
certificate, or §365 (a) of any PCT international application which designated at least one country other than the United States of America, listed 
t>efow and have also identified below, by checking the box, any foreign application for patent or inventor's certificate, or of any PCT international 
application having a filing date before that of the application on which pnorrty is claimed 



Prior Foreign Application 
Number(s) 


Country 


Foreign Filing Date 
(MM/DD/YYYY) 


Priority 
Not Claimed 


Certified Copy Attached? 
YES NO 








□ 


□ 


□ 








□ 


□ 


□ 








□ 


□ 


□ 








□ 


□ 


□ 








□ 


□ 


□ 








□ 


□ 


□ 



I I Additional foreign application numbers are listed on a supplemental priority sheet attached hereto: 



I hereby claim the benefit under Title 35, United States Code § 119(e) of any United States provisional application(s) listed below. 



Application Number(s} 



Filing Date (MM/DD/YYYY) 



I ] Additional provisional application 
numbers are listed on a 

suppiennental priority sheet 

attached hereto. 
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Burden Hour Statement: This form is estimated to take 0.4 hours to complete. Time wilt vary depending upon the needs of the indMdua! case. Any comments on 
the amount of time you are required to complete this form should be sent to the Chief Information Officer. Patent and Trademark Office, Washington. DC 20231. 
DO NOT SEND FEES OR COMPLETED FORMS TO THIS ADDRESS. SEND TO: Commissioner of Patents and Trademarks. Washington. DC 20231. 
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PTO/SB/01 (8-96) 
Approved for use through 9/30/98. 0MB 0651-0032 
Patent and Tradenraric Office: U S. DEPARTMENT OF COMMERCE 
Under the Paperwork Reduction Ad of 1995 no persons are required to respond to a coltectton of infornnation unless It contains a valid 0M8 control numbei 



El 



DECLARATION 



I hereby claim the benefit under Trtte 35. United States Code §120 of any United States app(ication(s). or §365(c) of any PCT international applicatwn 
designating the United States of America, listed tielow and. insofar as the subject matter of each of the claims of this application is not disclosed in the 
prior United States or PCT International application in the manner provided by the first paragraph of Title 35. United States Code §112. I 
acknowledge the duty to disclose information which is matena! to patentability as defined in Title 37. Code of Federal Regulations §1.56 which 
became available between the filing date of the pnor application and the national or PCT international filing date of this application. 



U.S. Parent Application 
Number 


PCT Parent 
Number 


Parent Filing Date 
(MM/DD/YYYY) 


Parent Patent Number 
(if applicable) 











I I Additional U S or PCT internationai application numbers are listed on a supplemental pnorrty sheet attached hereto. 



As a named inventor. I hereby appoint the following registered practitioner(s) to prosecute this application and to transact all business in the Patent 
and Trademark Office connected therewith 



Name 


Registration 
Number 


Name 


Registration 
Number 


Thcffnas Schneck 


24,518 






Mark Protsik 


31,788 






Kenneth C. Brooks 


38,393 






George B. F. Yee 


37,478 







Direct all correspondence to Custxiner NO • 



Name 


Thcmas Schneck 


Address 


P,0, Box 2-E 


Address 




City 


San Jose 




State 


CA 




1 ZIP 95109-0005 


Country 


U.S.A. 


Telephone 


408/297-9733 


Fax 


408/297-9748 



be true, and further that these statements were made with the knowledge that willful false statements and the like so made are punishable by fine or 
imprisonment, or both, under Section 1001 of Title 18 of the United States Code and that such wilfful false statements may jeopardize the validity of 
the application or any patent issued thereon 



Name of Sole or First Inventor: 



Given 
Name 



n A petition has been filed for this unsigned Inventor 



Steven 



Middle 




Inftiat 


T. 



Family 
Name 



Kirsch 



Suffix 
e.g. Jr. 



Inventor's 
Signature 




Date 



W97 



Residence: City 



Los Altos 



state ::a 



Country U.S.A. 



Citizenship 



U.S.A. 



Post Office Address 



916 Lundy Lane 



Post Office Address 



City 



Los Altos 



State 



CA 



Zip 



94024 



Country 



U.S.A. 



n Additional inventors are being named on supplemental sheet(s) attached hereto 
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Approved for use through 10/31/99. OMB 0651-0031 
Patent and Trademaric Office; U.S. DEPARTMENT OF COMMERCE 
Under the Paperwork Reduction Act of 1995, no persons are required to respond to a collectjon of information unless it displays a valid OMB control number. 



VERIFIED STATEMENT CLAIMING SMALL ENTITY STATUS 
{37 CFR1. 9(f) &1.27(b))--INDEPENDENT INVENTOR 



Docket Number (Optional) 
INF-009 



... X D . * Steven Kirsch 
Applicant or Patentee : 



Application or Patent No. : _ 



Filed or Issued:^ 

IXDCUMENT REiraEVAL SYSTED4 WITH ACCESS CONTEDL 
Title' 

As a below named inventor, I hereby declare that I qualify as an independent inventor as defined in 37 CFR 
1.9(c) for purposes of paying reduced fees to the Patent and Trademark Office described in: 

^ the specification filed herewith with title as listed above. 

[ I the application identified above. 

I I the patent identified above. 

I have not assigned, granted, conveyed, or licensed, and am under no obligation under contract or law to assign, 
grant, convey, or license, any nghts in the invention to any person who would not qualify as an independent inventor 
under 37 CFR 1 .9(c) if that person had made the invention, or to any concern which would not qualify as a small 
business concern under 37 CFR 1 .9(d) or a nonprofit organization under 37 CFR 1 .9(e). 

Each person, concern, or organization to which ! have assigned, granted, conveyed, or licensed or am under an 
obligation under contract or law to assign, grant, convey, or license any rights in the invention is listed below: 

I I No such person, concern, or organization exists. 

[3c| Each such person, concern, or organization is listed below. 

Infoseek Corporation 
1399 lybffett Park Drive 
Sunnyvale, California 94089-1134 

Separate verified statements are required from each named person, concern, or organization having rights to the 
invention averring to their status as small entities. (37 CFR 1 .27) 

1 acknowledge the duty to file, in this application or patent, notification of any change in status resulting in loss of 
entitlement to small entity status prior to paying, or at the time of paying, the earliest of the issue fee or any 
maintenance fee due after the date on which status as a small entity is no longer appropriate. (37 CFR 1 .28(b)) 

I hereby declare that all statements made herein of my own knowledge are true and that all statement'^ made on 
information and belief are believed to be true; and furtherthatthese statements were made with the knowledge that 
willful false statements and the like so made are punishable by fine or imprisonment, or both, under section 1 001 
of Title 18 of the United States Code, and that such willful false statements may jeopardize the validity of the 
application, any patent issuing thereon, or any patent to which this verified statement is directed. 

Steven T. Kirsch 



NAME OF INVENTOR NAM EOF INVENTOR NAME OF INVENTOR 
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Description 

DOCUMENT RETRIEVAL SYSTEM WITH ACCESS CONTROL 

TECHNICAL FIELD 

The invention relates to electronic document 
retrieval and in particular to access control for docu- 
ments available on storage devices located remotely from 
each other. 

BACKGROUND ART 

In communication networks, document servers, 
i.e. electronic document storage devices such as large 
disk drives, are frequently located remotely from each 
other. In large companies, with plants and offices 
scattered in many different cities, a computer network is 
often designed to link all or most locations. The 
network frequently includes a search engine or query 
server having an index of every word in every document 
which is selected for electronic availability, together 
with indexes for every word of such documents, and with 
pointers identifying the full document and its server 
where it may be accessed by an address known as a URL* 
Users with terminals on the network can address the query 
server with questions phrased in terms of key words and 
obtain documents which contain the key words. The 
questions are usually phrased or interpreted by the query 
server with query operators. The index at the query 
server is consulted to determine if the keywords are in 
the index, how many times they appear, and the number of 
documents which are responsive to the question, as 
interpreted by the search engine at the query server. 
However, a user is not given access to those documents 
which are beyond his or her access level. 

In the prior art, the query server contained 
one list having the access level of each user. The index 
at the query server contained the access level associated 
with each corresponding document. Access was provided 
only to those documents for which the access level of the 
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user was appropriate by matching the two lists • The 
problem here was that the query server had to associate a 
security level with each document in the index, a cumber- 
some storage task. In the simplest case, a user is 
either given permission to search the database, or access 
is denied, with no middle ground* 

Variations of the above approach exist, but in 
most instances there is a comparison of two lists - the 
user list, with associated access levels, and the docu- 
ment list, with associated access levels. The document 
list contains the access level for each appearance of 
each document in the index • An object of the invention 
was to devise an access control system which enables 
secure searching without having to store any access 
15 information in the database associated with the search 
engine • 

A further object of the invention is to allow 
changes in a document server's access control list to be 
immediately reflected in searches of documents within 
2 0 that document server. 

A still further object of the invention is to 
allow a single centralized index of multiple document 
servers to be created, whereby searches of this central 
collection will only return titles of documents that a 
25 user has access to, with access control being determined 
at the remote document servers which contain relevant 
documents . 



30 



SUMMARY OF THE INVENTION 

The above object is achieved with a document 
retrieval system, with access control, in which the 
documents are stored in a distributed manner over a 
plurality of servers in a network, termed "web servers", 
but no access levels are associated with the documents or 
3 5 with the index at a query server. Instead of multiple 
control lists, a user enters, either manually or 
automatically, his or her user identification, together 
with the query to be searched. The search engine at the 
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query server receives the question and interprets the 
query operators to determine the number of hits respon- 
sive to the question. Each hit is associated with a 
document, in electronic form, located at a particular 
server by means of a pointer, known as a URL. However, 
before the hits are returned to the user, the hits are 
"screened" by determining from the web server whether the 
user has access using an access control list associated 
with the web server. The list associates user 
identification with URLs to which the user may have 
access . 

The search engine will not report the presence 
of the documents for which the access level is insuffi- 
cient. The web server returns documents for which the 
access level is compatible. Hence, the net result is that 
the user appears only to be able to search documents that 
the user has access to. 

An advantage of the present invention is that 
the security of each document is always consistent 
between the web server and the search index. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 is a plan view of the document retrieval 
and access control system of the present invention. 

Fig. 2 is a plan view of a first embodiment of 
an access control system in accord with the present 
invention. 

Fig. 3 is a plan view of a second embodiment 
of an access control system in accord with the present 
invention. 

Fig. 4 is a plan view of a third embodiment of 
an access control system in accord with the present 
invention. 
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BEST MODE FOR CARRYING OUT THE INVENTION 

With reference to Fig. 1, a coiamunications 
network, such as the Internet or a corporate intranet is 
indicated by the data bus line 11, a high speed conduit 
for digital data. Part of the network includes a query 
server 13 which is seen to comprise a search engine 15 
which is connected to the text index database 17. The 
search engine is a high speed processor connected to the 
network by communications link 11. The search engine has 
the task of going to each document address in the net- 
work, known as a URL, combing through each document 
associated with the URL and indexing such words in a text 
index 17. A "URL" is an address or pointer to a docu- 
ment, or a file, or a record in a database, in other 
words to a piece of information which has been stored at 
a site known as a web server 23. The initials URL are an 
abbreviation for "uniform resource locator", recognized 
by Internet and intranet servers. 

The URL is a string of ASCII characters with 
three common parts, a protocol indicator, a host server 
name, and a directory and file name, assuming that a file 
is the search target. An example would be 
http: / /f ederalexec.justice.gov/fbi/agents/cellular/ 
pagers.html. In the example, the protocol is "http" 
which is hypertext transfer protocol, a common protocol 
which allows linking of files. The host server is 
"federalexec.justice.gov/fbi/. The document and its 
directory is "fbi/agents/cellular/pagers.html. The 
present invention takes advantage of the hierarchical 
structure of URLs by allowing access to all items of 
information specified in the initial portions of the URL 
for each user, i.e. a partial URL. The more detail 
specified in a URL, the lower the level of access. For 
example, the access level associated with 

http://federalexec.justice.gov/fbi/ might allow access to 
all files and data in the fbi server, while the further 
specification of "/agents" would further specify a level 
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of access. In the present invention, a list of users 
would have each user associated with URLs, or partial 
URLs which that user could access. The http protocol is 
particularly useful because it works with "browsers", 
i.e. software programs which allow the formatting of 
documents in a uniform manner which can be read by any 
computer or terminal which can run the browser software. 
Thus, a terminal or computer need not have access to the 
word processing program in which the document was pre- 
pared. Perhaps the best known feature of http protocol 
is the "hyperlink" feature, allowing a user to jump from 
a word or symbol in one document to another URL which 
expands upon the word or symbol. Another type of proto- 
col which is commonly used is "ftp" or "fie transfer 
protocol". This allows direct access to computer files 
on designated servers and is not necessarily oriented to 
documents with hyperlinks, like http protocol. 

A text index at a query server, lists the words 
found in documents accessible to the server. In response 
to a search request, the query server interprets the 
request and produces the number of hits for the search 
terms together with the associated URLs for the informa- 
tion. Thus, the query server holds information on all 
documents of all Internet/ intranet sites and can produce 
corresponding URLs after a search. However, a user may 
not have proper access level for all of the documents 
found. In accord with the present invention, the user 
sees only those documents for which he has proper access. 

A typical web site 21 includes a web server 2 3 
and a document storage device 25. The web server 23 is a 
high speed processor and the storage device 2 5 is a disk 
drive. An access control list server 27 may be stored on 
storage device 25 or may have its own auxiliary storage 
device, as indicated in Fig. 1* If a separate storage 
device is used, such as a disk drive, it is also con- 
trolled by the web server 23. The web site 21 commu- 
nicates with other web sites, not shown, which are also 
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on the network and joined by one or more communication 
links, such as data bus line 11. The storage device 25 
holds electronic versions of documents which are avail- 
able for searching and retrieval, but without any access 
5 control information. 

In a corporate environment, the web site 21 may 
hold documents from the single plant or factory of a 
corporation. Other plants and factories have similar web 
sites which are all linked in a network known as an 
10 intranet. Access to documents is limited to persons who 
have proper authorization. Such authorization is main- 
tained in the access control list server 27 associated 
with each web site. The list server 27 contains user IDs 
and the list of URLs or partial URLs that each user may 
15 access. In another example, corporate payroll record 
documents might be accessible to all department level 
managers and their supervisors, plus all members of the 
payroll and accounting departments. All other corporate 
employees would not have access to payroll records and so 
would be excluded from payroll documents available on 
storage device 25. 

In operation, a user would send a query to 
search engine 15 which would interpret the query. An 
optional communications link 31 is provided to the access 
control list server 27 to determine whether the user may 
access web site 21 which has certain corporate documents 
in the search area under request. Assuming the user has 
initial access to the home page of web site 21 the search 
progresses by applying search terms to the index on 
3 0 storage device 17 which has pointers to text documents, 
such as URLS, found in the storage device 2 5 within web 
site 21. Assuming that payroll information is being 
requested and assuming that the payroll information is 
stored on storage device 25 which is accessed through the 
35 web server 23, the user identification is passed along to 
the web server 23. The web server 23 has access to the 
access control list server 27. The text index 17 has 
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identified documents in storage device 25. The access 
control list server 27 prevents the web server 2 3 from 
delivering any documents where the user identification 
indicates that the user does not authorization. Only 
those documents are pulled up for which the user has 
authorization. Those documents are then reported by the 
web server 23 to the search engine 15 which, in turn, 
reports the titles or bibliographic abstracts to the 
user. It should be noted that the user does not know 
about records for which access has been denied by the 
access control list server 27. 

It should also be noted that the full text 
index 17 has no access information. Similarly, the 
electronic document records in storage device 25 have no 
security labels or information. All security information 
is in the access control list server 27 which relates 
document titles in the text documents storage device 25, 
their access classification, plus user identification and 
the access level for each user. 

Example A 

With reference to Fig. 2, a query server 13 has 
access to an access control list file which can be 
located anywhere, but is associated, as by a data link, 
with one or more web servers 23 that are indexed by the 
query server. The access control list has a list of all 
users of the system, together with a list of documents 
that each user is permitted to access. The access 
control list file may be local to the query server 13 or 
may be accessed remotely using a file transfer protocol 
(FTP) . The query server uses its own f ilesystem file 
locator, 27, to access and interpret the access control 
list and calls up those documents in web servers 2 3 
responsive to a search query for which the user has 
access. Only those documents are presented to a user. 
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Exaiaple B 

With reference to Fig. 3, the query server 13 
accesses an access control list as in the prior example, 
except that HTTP protocol is used instead of using the 
5 filesystem or FTP. 

A particular user, Mr. Jones, ID 71234, might 
need access to FBI cellular communication device numbers, 
including pagers and telephones. A query is sent to the 
query server which uses HTTP protocol to access each 
10 access control list file associated with each web server 
whose documents are contained in the index. His access 
control entry would be as follows: 

71234=http: //federalexec . justice . gov/f bi/agents/ceilular/ . 

15 

He might have other entries for other classes of docu- 
ments, but this class of documents will relate to FBI 
cellular numbers, whether pagers, telephones, or other 
devices. A higher level of access would be as follows: 

20 

71324=htt.p: //federalexec. justice.gov/fbi/ 

and a lower level of access would be as follows: 
25 7i324=http://federalexec. justice, gov/fbi/agents/cellular/pagers. htm] 

In the latter case, Mr. Jones would not have access to 
cellular telephone numbers and the web server query 
server would not allow access to telephone numbers. In 
3 0 both cases, the access control file finds the user, 
71324, but in the latter case, access is denied. 



Example C 

With reference to Fig. 4, the query server 13 
is connected to a web server 23, as before, except that 
the web server is running a program, for example a search 
program, which is triggered or controlled from the query 
server by a communication, which invokes a script, batch 
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file or executable instruction, generated by the query 
server and meaningful to the program on the web server 
where the requested document is located. Each web server 
whose words are indexed validates its own documents for 
5 particular users using a validation message. Such 

communications are known as "gateway scripts". Gateway 
scripts are sometimes called CGI scripts, where CGI is an 
acronym for Common Gateway Interface. A script may have 
a URL in HTTP format which controls or operates the 

10 program in the web server to execute a search query. The 
script can be resident in the web server and be invoked 
only by the URL transmitted by the query server. The 
search server transmits the user identification and list 
of candidate URLs that match the query and requests a CGI 

15 script to validate the list of URLs. The web server 

performs the validation and returns a list back to the 
search server indicating the URLs which the user is 
entitled to read in accord with his access level. Those 
documents which are beyond his access level are not 

2 0 reported to the user. 

It is now possible to have a centralized index 
of documents found on multiple document servers, some or 
all of which may be remote. An access control list is 
associated with the index of documents. A search of the 
25 centralized index will report addresses, URLs, of various 
documents responsive to the search query. Since the 
access control list shows the URLs to which the user has 
access, only those titles to corresponding documents need 
to be shown to a user or fetched from a document server. 

3 0 An advantage of the present invention is that 

changes in the access control list are immediately 
reflected in searches, because the list links authorized 
documents for each user identification code, sometimes 
using a hierarchical structure. In this manner, large 
35 categories of documents can be included or excluded from 
a search with a single file entry, such as a partial URL. 
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Claims 

1. A document retrieval system with access control for a 
search engine capable of searching documents distributed 
over web servers in an electronic network comprising, 

one or more web servers having electronic 
versions of documents available by request, 

a search engine having access to access control 
lists for documents on the web servers, the access 
control list linking authorized users with all documents 
permitted for each authorized user, whereby documents 
found in a search are screened with the list to determine 
the documents for which a user performing a search has 
access. 



2. The system of claim 1 further defined by means for 
forwarding to the user only those document titles 
compatible with the authorized access of the user. 



3. The system of claim 1 further comprising a communica- 
tions link between a query server, connected to the 
search engine, and access control lists associated with 
the web servers. 
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4. A method of document retrieval in a network 
environment having web servers where documents are stored 
and query servers where document searches are launched 
comprising, 

executing a query on a query server having 
access to a document index of documents available for 
searching on document servers by a person having a unique 
identification code without regard to access control 
limitations, yielding a list of all relevant documents, 
each document having a unique URL, 

reviewing all URLs after the search is executed 
using an access control list associated with each 
document server to check whether each URL is compatible 
with the access level of the identification code of the 
person executing the query, and 

delivering only those documents whose URL is 
compatible with the access level of the person- 

5. The method of claim 4 further defined by providing a 
data link between the query server and access control 
lists for associated web servers. 

6. The method of claim 5 further defined by storing the 
access control list separately from the index of 
documents . 

7. The method of claim 5 further defined by storing the 
access control list separately from the documents. 

8. The method of claim 4 further defined by implementing 
access control with partial URLs indicating the hierarchy 
of documents to which a person with a unique 
identification code has access. 
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9. The method of claim 4 further defined by implementing 
access control with a common gateway interface script • 

10. The method of claim 9 wherein said common gateway 
interface script returns a message to the query server 
indicating URLs to which a person with a unique 
identification code has access, 

11. The method of claim 5 wherein a single access 
control list is provided for all document servers • 

12 . The method of claim 5 wherein an access control list 
is provided for each document server. 

13. A method of document retrieval in a network 
environment having web servers where documents are stored 
and query servers where document searches are launched 
comprising, 

a plurality of document servers, each having a 
plurality of documents, each document identified with a 
unique URL, each document server having an access control 
list defining user identification and for each user 
identification listing URLs for which access is permitted 
or denied, 

executing a query on a query server having 
access to a document index of documents available for 
searching on the document servers by a person having one 
of said identification codes, and 

producing only those documents whose URL is 
compatible with the access level of the identification 
code of the person. 
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14. The method of claim 13 wherein the URLs are 
expressed in HTTP protocol, 

15. The method of claim 13 wherein each access control 
list lists URLs for each user identification number with 
a hierarchical indication of documents for which access 
is permitted or denied. 

16. The method of claim 15 wherein said hierarchical 
indication of documents is by partial URLs. 

17. The method of claim 13 further defined by accessing 
the access control list by the filesystem of the query 
server . 

18. The method of claim 13 further defined by accessing 
the access control list by a file transfer protocol. 

19. The method of claim 13 further defined by confirming 
access to the access control list by a script message 
from a document server. 
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Abstract of the Disclosure 

An electonic document retrieval system and 
method for a collection of information distributed over a 
network having documents stored in web or document 
servers in which an access control list relates user 
identification to documents to which a user has access. 
No access control lists are contained in the documents 
themselves nor are comparisons made between lists of 
users, with their access levels, and the classifications 
of documents. Rather, by the use of URLs or pointers, it 
is possible to associate every document to which a user 
has access with the user identification number or code. 
URLs have a hierchical format which allows partial URLs 
to indicate levels of access. HTTP protocol, FTP and CGI 
protocol employ URL calls for documents and can use the 
access control method and system of the present inven- 
tion. When a search query is applied to a query server, 
a list of hits is returned, together with pertinent URLs. 
The query server consults each access control list 
associated with each document server, to present to the 
user only those URLs for which he has a proper access 
level. Other URLs for which the user does not have 
proper access are kept hidden from the user. 
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